CVE-2026-39857

creationtimestamp| type| source ---|---|--- 2026-04-16 20:45:15+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-c276-fj82-f2pq...

GHSA-P2GH-CFQ4-4WJC

creationtimestamp| type| source ---|---|--- 2026-04-16 17:21:05+00:00| published-proof-of-concept| Telegram/YKX-6KXVqHKUWR-VRt4uZwi-aDyDZ2w2e-w4Y4gyD3o3fyw...

GHSA-JG4P-7FHP-P32P vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, kibana, opensearch-dashboards-fips...

CVE-2026-41244

creationtimestamp| type| source ---|---|--- 2026-04-15 08:23:19+00:00| published-proof-of-concept| https://github.com/notamitgamer/mojic/security/advisories/GHSA-wqq3-wfmp-v85g...

GHSA-J6M5-2CC7-3WHC

creationtimestamp| type| source ---|---|--- 2026-04-15 01:19:21+00:00| published-proof-of-concept| Telegram/GYbH54sRbOOqgznzSrvNbIPKqa8TpEiUvDUzTYtUUyxy-E...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the magnify when an unrecognized magnify:method value is provided. An attacker can cause a denial of service by triggering an out-of-bounds read during image processing. Remediation A fix was pushed into t...

CVE-2026-41061

creationtimestamp| type| source ---|---|--- 2026-04-14 23:22:21+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-8pv3-29pp-pf8f...

GHSA-W8C4-C7R8-QGW2

creationtimestamp| type| source ---|---|--- 2026-04-14 23:21:40+00:00| published-proof-of-concept| Telegram/vFalP9cCg-kFoPrSdHM4ZH4qnLHRdngXJCuq8FbW2RkF4k...

CVE-2026-40594

creationtimestamp| type| source ---|---|--- 2026-04-14 21:24:21+00:00| published-proof-of-concept| https://github.com/pyload/pyload/security/advisories/GHSA-mp82-fmj6-f22v...

GHSA-WJ62-C5GR-2X53

creationtimestamp| type| source ---|---|--- 2026-04-14 17:27:49+00:00| seen| Telegram/X69Hoh64i7djUBejuAQijXCf66JncuFnYRKez2YtZF33U...

GHSA-G985-WJH9-QXXC

creationtimestamp| type| source ---|---|--- 2026-04-14 05:17:42+00:00| seen| Telegram/EXit4BCARRaTXD4SBLqO-yd3UPNB5jBijYowsPR2aTE5HY...

Out-of-bounds Read

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

CVE-2026-40907

creationtimestamp| type| source ---|---|--- 2026-04-13 12:03:15+00:00| published-proof-of-concept| https://github.com/WWBN/AVideo/security/advisories/GHSA-gpgp-w4x2-h3h7...

GHSA-R6QV-FRPC-Q66C vulnerabilities

Vulnerabilities for packages: jenkins...

GHSA-326M-34V3-GV5P vulnerabilities

Vulnerabilities for packages: nodejs...

GHSA-JRG3-GFJW-HM96 vulnerabilities

Vulnerabilities for packages: cert-manager-csi-driver, grpcurl, cerbos, cloud-sql-proxy, swagger, frp, extism, task, configmap-reload, knative-serving, kube-state-metrics, apache-exporter, promxy, k8sgpt-operator, knative-operator, custom-pod-autoscaler, bank-vaults, thanos-operator,...

GHSA-QH3H-3QGQ-CXV8 vulnerabilities

Vulnerabilities for packages: firefox...

CVE-2026-40148

creationtimestamp| type| source ---|---|--- 2026-04-10 19:26:21+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-f2h6-7xfr-xm8w...

Arbitrary Code Injection

Overview praisonaiagents is a Praison AI agents for completing complex tasks with Self Reflection Agents Affected versions of this package are vulnerable to Arbitrary Code Injection in the executecodedirect function when the AST-based filtering mechanism fails to block dangerous attribute access...

GHSA-3P68-RC4W-QGX5 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, langfuse, jitsucom-jitsu, lerna, kubeflow-pipelines, saf, kubeflow-centraldashboard, prism...